<?php
/**
 * BootAdmin is committed to providing solutions for quickly building web applications
 * Please view the LICENSE file that was distributed with this source code,
 * For the full copyright and license information.
 * Thank you very much for using BootAdmin.
 *
 * @Author G.r<root@BootAdmin.com>
 */

declare (strict_types=1);

namespace app\admin\service;

use app\admin\model\Admin;
use app\admin\model\Dept;
use app\admin\model\Post;
use app\admin\model\Role;
use think\facade\Db;

class Auth
{
    /**
     * 获取用户权限
     * @return array
     */
    public static function getRules(): array
    {
         return Db::name('admin')->alias('u')
            ->join( 'admin_role ur', 'u.id=ur.admin_id')
            ->join( 'role_menu r', 'ur.role_id=r.role_id')
            ->join( 'menu m', 'm.id=r.menu_id')
            ->where('u.id', request()->adminId)
            ->column('m.code');
    }

    /**
     * 获取用户权限Ids
     * @return array
     */
    public static function getRulesIds(): array
    {
        return Db::name('admin')->alias('u')
            ->join( 'admin_role ur', 'u.id=ur.admin_id')
            ->join( 'role_menu r', 'ur.role_id=r.role_id')
            ->join( 'menu m', 'm.id=r.menu_id')
            ->where('u.id', request()->adminId)
            ->column('m.id');
    }

    /**
     * 获取用户角色IDS
     * @return array
     */
    public static function getRoleId(): array
    {
        return Db::name('admin')->alias('u')
            ->join( 'admin_role ur', 'u.id=ur.admin_id')
            ->where('u.id', request()->adminId)
            ->column('ur.role_id');
    }

    /**
     * 获取用户角色
     * @return array
     */
    public static function getRole()
    {
        $ids = self::getRoleId();
        return (new Role())->whereIn('id', $ids)->select()->toArray();
    }

    /**
     * 获取用户角色Code
     * @return array
     */
    public static function getRoleCode(): array
    {
        $ids = self::getRoleId();
        return (new Role())->whereIn('id', $ids)->column('code');
    }

    /**
     * 获取用户岗位IDS
     * @return array
     */
    public static function getPostId(): array
    {
        return Db::name('admin')->alias('u')
            ->join( 'admin_post up', 'u.id=up.admin_id')
            ->where('u.id', request()->adminId)
            ->column('up.post_id');
    }

    /**
     * 获取用户岗位
     * @return array
     */
    public static function getPost(): array
    {
        $ids = self::getPostId();
        return (new Post())->whereIn('id', $ids)->select()->toArray();
    }

    /**
     * 根据角色ID获取部门ID
     * @param $id
     * @return array
     */
    public static function getRoleByDeptIds($id): array
    {
        return Db::name('dept')->alias('d')
            ->join('role_dept rd', 'd.id=rd.dept_id')
            ->where('rd.role_id', $id)
            ->column('d.id');
    }

    /**
     * 获取数据边界
     * @return array
     */
    public static function getDataScope(): array
    {
        if (empty(request()->adminId)) {
            return [];
        }
        // 超级管理员不限制数据范围
        if (env('admin.super_admin') == request()->adminId) {
            return [];
        }
        $roles = self::getRole();
        $userIds = [];
        foreach ($roles as $role) {
            switch ($role->data_scope) {
                // 自定义权限
                case Role::CUSTOM_SCOPE:
                    $deptIds = self::getRoleByDeptIds($role->id);
                    $adminIds = Admin::whereIn('dept_id', $deptIds)->column('id');
                    $userIds = array_merge($userIds, $adminIds);
                    $userIds[] = request()->adminId;
                    break;
                // 本部门权限
                case Role::SELF_DEPT_SCOPE:
                    $deptId = Admin::where('id', request()->adminId)->value('dept_id');
                    $adminIds = Admin::whereIn('dept_id', $deptId)->column('id');
                    $userIds = array_merge($userIds, $adminIds);
                    $userIds[] = request()->adminId;
                    break;
                // 本部门及子部门权限
                case Role::DEPT_BELOW_SCOPE:
                    $deptId = Admin::where('id', request()->adminId)->value('dept_id');
                    $deptIds = Dept::where('id', $deptId)->where('level', 'like', '%'.$deptId.'%');
                    $adminIds = Admin::whereIn('dept_id', $deptIds)->column('id');
                    $userIds = array_merge($userIds, $adminIds);
                    $userIds[] = request()->adminId;
                    break;
                // 本人权限
                case Role::SELF_SCOPE:
                    $userIds[] = request()->adminId;
                    break;
                case Role::ALL_SCOPE:
                default:
                    break;
            }
        }
        return $userIds;
    }
}